On Tue, 28 Jan 2014 15:00:43 +0800 lina <lina.lastn...@gmail.com> wrote:
> 1] about port 631, can I turn it off? since I only print very > occasionally, I don't know the real purpose of cupsd; As others said, listening port 631 on loopback interface is not a problem. > > 2] I don't know why the dhclient occupy several ports to listen, and > what's a little annoying is that seems my IP address barely changed even > I reboot after one night. > tcp6 0 0 :::143 :::* > LISTEN 2731/couriertcpd Running IMAP server on a desktop is an uncommon thing. Do you really need it? > udp 0 0 0.0.0.0:68 0.0.0.0:* > 3690/dhclient > udp 0 0 0.0.0.0:68 0.0.0.0:* > 3396/dhclient > udp 0 0 0.0.0.0:68 0.0.0.0:* > 3158/dhclient You're running 3 different DHCP clients at once (notice different process-ids). If you're using ifupdown, that's probably misconfigured /etc/network/interfaces. If you're using NetworkManager - you've hit some NM bug probably. > I read something online earlier, > "Currently there are no comfortable tools out which are able to check a > system over network for IPv6 security issues. Neither Nessus nor any > commercial security scanner is as far as I know able to scan IPv6 > addresses." (from > http://mirrors.deepspace6.net/Linux+IPv6-HOWTO/ipv6-security-auditing.html) This information is obsolete. See (latter is available in the Debian main archive): http://www.si6networks.com/tools/ipv6toolkit http://nmap.org/download.html And once one finds hosts's IP, it's irrelevant whenever host in question is using IPv4 or IPv6. If you're really concerned about security, I'd suggest you to use iptables (and ip6tables). Reco -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140128190337.6a6cbb9bb09792d6ac75f...@gmail.com
